VulnerableCode Vulnerability Details

Search for vulnerabilities

System	Score	Found at
epss	0.56397	https://api.first.org/data/v1/epss?cve=CVE-2014-6593
epss	0.56397	https://api.first.org/data/v1/epss?cve=CVE-2014-6593
epss	0.57714	https://api.first.org/data/v1/epss?cve=CVE-2014-6593
epss	0.57714	https://api.first.org/data/v1/epss?cve=CVE-2014-6593
epss	0.5904	https://api.first.org/data/v1/epss?cve=CVE-2014-6593
epss	0.5904	https://api.first.org/data/v1/epss?cve=CVE-2014-6593
epss	0.5904	https://api.first.org/data/v1/epss?cve=CVE-2014-6593
epss	0.5904	https://api.first.org/data/v1/epss?cve=CVE-2014-6593
epss	0.5904	https://api.first.org/data/v1/epss?cve=CVE-2014-6593
epss	0.5904	https://api.first.org/data/v1/epss?cve=CVE-2014-6593
epss	0.5904	https://api.first.org/data/v1/epss?cve=CVE-2014-6593

System

Score

Found at

epss

0.56397

https://api.first.org/data/v1/epss?cve=CVE-2014-6593

epss

0.56397

https://api.first.org/data/v1/epss?cve=CVE-2014-6593

epss

0.57714

https://api.first.org/data/v1/epss?cve=CVE-2014-6593

epss

0.57714

https://api.first.org/data/v1/epss?cve=CVE-2014-6593

epss

0.5904

https://api.first.org/data/v1/epss?cve=CVE-2014-6593

epss

0.5904

https://api.first.org/data/v1/epss?cve=CVE-2014-6593

epss

0.5904

https://api.first.org/data/v1/epss?cve=CVE-2014-6593

epss

0.5904

https://api.first.org/data/v1/epss?cve=CVE-2014-6593

epss

0.5904

https://api.first.org/data/v1/epss?cve=CVE-2014-6593

epss

0.5904

https://api.first.org/data/v1/epss?cve=CVE-2014-6593

epss

0.5904

https://api.first.org/data/v1/epss?cve=CVE-2014-6593

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6593.json
		https://api.first.org/data/v1/epss?cve=CVE-2014-6593
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6587
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6593
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6601
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0383
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0395
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0407
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0408
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0410
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0412
1183049		https://bugzilla.redhat.com/show_bug.cgi?id=1183049
CVE-2014-6593;OSVDB-117238	Exploit	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/38641.rb
RHSA-2015:0067		https://access.redhat.com/errata/RHSA-2015:0067
RHSA-2015:0068		https://access.redhat.com/errata/RHSA-2015:0068
RHSA-2015:0069		https://access.redhat.com/errata/RHSA-2015:0069
RHSA-2015:0079		https://access.redhat.com/errata/RHSA-2015:0079
RHSA-2015:0080		https://access.redhat.com/errata/RHSA-2015:0080
RHSA-2015:0085		https://access.redhat.com/errata/RHSA-2015:0085
RHSA-2015:0086		https://access.redhat.com/errata/RHSA-2015:0086
RHSA-2015:0133		https://access.redhat.com/errata/RHSA-2015:0133
RHSA-2015:0134		https://access.redhat.com/errata/RHSA-2015:0134
RHSA-2015:0135		https://access.redhat.com/errata/RHSA-2015:0135
RHSA-2015:0136		https://access.redhat.com/errata/RHSA-2015:0136
RHSA-2015:0263		https://access.redhat.com/errata/RHSA-2015:0263
RHSA-2015:0264		https://access.redhat.com/errata/RHSA-2015:0264
USN-2486-1		https://usn.ubuntu.com/2486-1/
USN-2487-1		https://usn.ubuntu.com/2487-1/

Reference id

Reference type

URL

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6593.json

https://api.first.org/data/v1/epss?cve=CVE-2014-6593

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6587

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6593

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6601

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0383

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0395

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0407

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0408

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0410

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0412

1183049

https://bugzilla.redhat.com/show_bug.cgi?id=1183049

CVE-2014-6593;OSVDB-117238

Exploit

https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/38641.rb

RHSA-2015:0067

https://access.redhat.com/errata/RHSA-2015:0067

RHSA-2015:0068

https://access.redhat.com/errata/RHSA-2015:0068

RHSA-2015:0069

https://access.redhat.com/errata/RHSA-2015:0069

RHSA-2015:0079

https://access.redhat.com/errata/RHSA-2015:0079

RHSA-2015:0080

https://access.redhat.com/errata/RHSA-2015:0080

RHSA-2015:0085

https://access.redhat.com/errata/RHSA-2015:0085

RHSA-2015:0086

https://access.redhat.com/errata/RHSA-2015:0086

RHSA-2015:0133

https://access.redhat.com/errata/RHSA-2015:0133

RHSA-2015:0134

https://access.redhat.com/errata/RHSA-2015:0134

RHSA-2015:0135

https://access.redhat.com/errata/RHSA-2015:0135

RHSA-2015:0136

https://access.redhat.com/errata/RHSA-2015:0136

RHSA-2015:0263

https://access.redhat.com/errata/RHSA-2015:0263

RHSA-2015:0264

https://access.redhat.com/errata/RHSA-2015:0264

USN-2486-1

https://usn.ubuntu.com/2486-1/

USN-2487-1

https://usn.ubuntu.com/2487-1/

Data source	Exploit-DB
Date added	Nov. 5, 2015
Description	JSSE - SKIP-TLS
Ransomware campaign use	Unknown
Source publication date	Nov. 5, 2015
Exploit type	webapps
Platform	multiple
Source update date	Nov. 5, 2015

Exploit-DB

Nov. 5, 2015

JSSE - SKIP-TLS

Unknown

Nov. 5, 2015

webapps

multiple

Nov. 5, 2015

Data source	Metasploit
Description	This module exploits an incomplete internal state distinction in Java Secure Socket Extension (JSSE) by impersonating the server and finishing the handshake before the peers have authenticated themselves and instantiated negotiated security parameters, resulting in a plaintext SSL/TLS session with the client. This plaintext SSL/TLS session is then proxied to the server using a second SSL/TLS session from the proxy to the server (or an alternate fake server) allowing the session to continue normally and plaintext application data transmitted between the peers to be saved. This module requires an active man-in-the-middle attack.
Note	{}
Ransomware campaign use	Unknown
Source publication date	Jan. 20, 2015
Source URL	https://github.com/rapid7/metasploit-framework/tree/master/modules/auxiliary/server/jsse_skiptls_mitm_proxy.rb

Metasploit

This module exploits an incomplete internal state distinction in Java Secure Socket Extension (JSSE) by impersonating the server and finishing the handshake before the peers have authenticated themselves and instantiated negotiated security parameters, resulting in a plaintext SSL/TLS session with the client. This plaintext SSL/TLS session is then proxied to the server using a second SSL/TLS session from the proxy to the server (or an alternate fake server) allowing the session to continue normally and plaintext application data transmitted between the peers to be saved. This module requires an active man-in-the-middle attack.

{}

Unknown

Jan. 20, 2015

https://github.com/rapid7/metasploit-framework/tree/master/modules/auxiliary/server/jsse_skiptls_mitm_proxy.rb

Date	Actor	Action	Source	VulnerableCode Version
2025-07-31T08:35:36.138695+00:00	Ubuntu USN Importer	Import	https://usn.ubuntu.com/2486-1/	37.0.0

2025-07-31T08:35:36.138695+00:00

Ubuntu USN Importer

Import

https://usn.ubuntu.com/2486-1/

37.0.0

Vulnerability ID	VCID-j99c-64x4-53ff
Aliases	CVE-2014-6593
Summary
Status	Published
Exploitability	2.0
Weighted Severity	0.5
Risk	1.0
Affected and Fixed Packages	Package Details

Percentile	0.98018
EPSS Score	0.56397
Published At	Aug. 2, 2025, 12:55 p.m.